<?php
include("../contents.php");
include("../security.php");
include("../settings.php");
include("../database.php");
include("../i18n.php");
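// Media browser of the admin area: resolves the requested directory, performs
// the requested action (delete image, upload, delete/rename/create directory)
// and then renders the directory listing.
//
// Every request parameter, upload field and database value is treated as
// untrusted: it is escaped for SQL before being concatenated into a query and
// escaped for HTML/JavaScript before being printed.
//
// NOTE(review): the files above are pulled in with include(), so a missing
// security.php only raises a warning and the script keeps running; confirm
// whether require_once is the intended behaviour.
// NOTE(review): the delete/rename/create actions are triggered by plain GET
// parameters and no anti-CSRF token is visible in this file; confirm whether
// security.php enforces one.
// NOTE(review): uploads and image deletion are gated only by
// Contents::presence_rights(), not by a getright() permission like the
// directory actions; confirm that this is intended.

/**
 * Escape a value for use inside a single-quoted SQL string literal.
 *
 * Relies on the connection presumably opened by database.php; the escaping is
 * only reliable when the connection character set matches the data.
 *
 * @param mixed $value value taken from the request or from a previous query
 * @return string escaped text, without the surrounding quotes
 */
function mediadir_sql($value) {
	return mysql_real_escape_string((string) $value);
}

/**
 * Escape a value for HTML text and quoted HTML attribute values.
 *
 * @param mixed $value text to print
 * @return string HTML-escaped text
 */
function mediadir_html($value) {
	$flags=ENT_QUOTES;
	// Without ENT_SUBSTITUTE a single invalid UTF-8 byte empties the whole string.
	if (defined("ENT_SUBSTITUTE")) {
		$flags=$flags | ENT_SUBSTITUTE;
	}
	return htmlspecialchars((string) $value, $flags, "UTF-8");
}

/**
 * Encode a value as a JavaScript string literal (quotes included) that is safe
 * inside a javascript: URL placed in a double-quoted HTML attribute.
 *
 * Three decoders run over such an attribute: the HTML parser, the
 * percent-decoding applied to javascript: URLs, and the JavaScript parser.
 * json_encode() covers the JavaScript layer, "%" is rewritten to \u0025 so the
 * percent-decoding cannot create new characters, and the HTML layer is escaped
 * last.
 *
 * @param mixed $value text or URL handed to a script function
 * @return string attribute-safe JavaScript string literal
 */
function mediadir_js($value) {
	$literal=json_encode((string) $value);
	if (!is_string($literal) || $literal=="null") {
		// Invalid UTF-8: fall back to an empty string instead of emitting raw data.
		$literal='""';
	}
	return mediadir_html(str_replace("%", "\\u0025", $literal));
}

if(!isset($_GET["dir"])) {
	$_GET["dir"]=0;
}
if(!empty($_GET["dir"]) || (isset($_GET["dir"]) && $_GET["dir"]==0)) {
	// PHP_SELF can contain client-supplied path info, so it is only ever
	// printed through mediadir_html() / mediadir_js().
	$self=$_SERVER["PHP_SELF"];
	$media_dir=realpath("../html/media");

	// Resolve the active directory: either the virtual root of a presence or a
	// stored directory the current user may access.
	if ($_GET["dir"]==0 && (isset($_GET["pres"]) && Contents::presence_rights($_GET["pres"]))) {
		$row_act=new rowact();
		$row_act->id=0;
		$row_act->presence=$_GET["pres"];
		$row_act->name="/";
	} else {
		$act_dir=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."media_dirs WHERE id='". mediadir_sql($_GET["dir"]) ."'");
		if (mysql_num_rows($act_dir)==1) {
			$row_act=mysql_fetch_object($act_dir);
			if (!Contents::presence_rights($row_act->presence)) {
				die("Sie haben keinen Zugriff auf dieses Verzeichnis");
			}
		} else {
			die("Dieses Verzeichnis existiert nicht!");
		}
	}
	
	// Delete one image, but only when its directory belongs to the same
	// presence as the active directory.
	if(!empty($_GET["delimage"])) {
		$img=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."media WHERE id='". mediadir_sql($_GET["delimage"]) ."'");
		if(mysql_num_rows($img)==1) {
			$row_img=mysql_fetch_object($img);
			$imgdir=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."media_dirs WHERE id='". mediadir_sql($row_img->ofdir) ."' and presence='". mediadir_sql($row_act->presence) ."'");
			if (mysql_num_rows($imgdir)==1) {
				// basename() keeps a stored name from pointing outside the media directory.
				$stored=basename($row_img->filename);
				if (file_exists($media_dir ."/". $stored)) {
					unlink($media_dir ."/". $stored);
				}
				if (file_exists($media_dir ."/thumbs/". $stored)) {
					unlink($media_dir ."/thumbs/". $stored);
				}
				mysql_query("DELETE FROM ". $GLOBALS["db_pref"] ."media WHERE id='". mediadir_sql($row_img->id) ."'");
			}
		}
	}
	
	// Store uploaded files. The client controls the file name and the MIME
	// type, so neither is trusted.
	if(!empty($_FILES) && is_array($_FILES)) {
		// Extensions a web server may hand to an interpreter. This deny-list is
		// a stop-gap: an allow-list of the types the site really needs, plus a
		// media directory configured never to execute scripts, is the stronger
		// control.
		$blocked_ext=array("php", "php3", "php4", "php5", "php7", "phtml", "pht", "phar", "phps", "cgi", "pl", "py", "sh", "shtml", "asp", "aspx", "jsp", "htaccess");
		foreach($_FILES as $val) {
			if (is_array($val) && !empty($val["name"]) && is_string($val["name"])) {
				$fileext=explode(".", $val["name"]);
				$ext=$fileext[(count($fileext) - 1)];
				$origname=$val["name"];
				$origtype=isset($val["type"]) ? (string) $val["type"] : "";

				// The extension becomes part of a path inside the web root and of
				// a shell command, so only plain alphanumeric, non-script
				// extensions are accepted.
				if (!preg_match('/^[A-Za-z0-9]+$/', $ext) || in_array(strtolower($ext), $blocked_ext, true)) {
					echo "<br>Dieser Dateityp ist nicht erlaubt.";
					continue;
				}
				// Reject failed uploads before touching any stored file; otherwise
				// an oversized upload would delete the file it was meant to replace.
				if (!isset($val["tmp_name"]) || !is_string($val["tmp_name"]) || !is_uploaded_file($val["tmp_name"])) {
					echo "<br>Es ist ein Fehler aufgetreten.";
					continue;
				}

				$exists=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."media WHERE orig_filename='". mediadir_sql($origname) ."' and ofdir='". mediadir_sql($row_act->id) ."'");
				if (mysql_num_rows($exists)>0) {
					// Same original name in the same directory: replace the stored file.
					$row_exists=mysql_fetch_object($exists);
					$target=$media_dir ."/". basename($row_exists->filename);
					if (file_exists($target)) {
						unlink($target);
					}
					if(move_uploaded_file($val["tmp_name"], $target)) {
						chmod($target,0640);
						createthumb($row_exists->filename, $origtype);
						echo "<br>Datei ". mediadir_html($origname) ." erfolgreich &uuml;berschrieben.";
					} else {
						echo "<br>Es ist ein Fehler aufgetreten.";
					}
				} else {
					// New file: stored under a generated id plus the checked extension.
					$newid=create_uniqid($GLOBALS["db_pref"] ."media");
					$newfilename=$newid .".". $ext;
					$target=$media_dir ."/". $newfilename;
					if(move_uploaded_file($val["tmp_name"], $target)) {
						if (mysql_query("INSERT INTO ". $GLOBALS["db_pref"] ."media SET id='". mediadir_sql($newid) ."', type='". mediadir_sql($origtype) ."', ofdir='". mediadir_sql($row_act->id) ."', orig_filename='". mediadir_sql($origname) ."', filename='". mediadir_sql($newfilename) ."'")) {
							chmod($target,0640);
							createthumb($newfilename, $origtype);
							echo "Datei erfolgreich hochgeladen<br />";
						} else {
							// Do not leave a file in the web root that no table row refers to.
							unlink($target);
							echo "<br>Es ist ein Fehler aufgetreten.";
						}
					} else {
						echo "<br>Es ist ein Fehler aufgetreten.";
					}
				}
			}
		}
		flush();
		exit();
	}
	
	// Directory actions; each one is limited to the presence of the active directory.
	if (!empty($_GET["deldir"]) && getright("content_dir_delete")) {
		mysql_query("DELETE FROM ". $GLOBALS["db_pref"] ."media_dirs WHERE id='". mediadir_sql($_GET["deldir"]) ."' and presence='". mediadir_sql($row_act->presence) ."'");
	}

	if (!empty($_GET["rename_dir_id"]) && !empty($_GET["rename_dir"]) && getright("content_dir_rename")) {
		mysql_query("UPDATE ". $GLOBALS["db_pref"] ."media_dirs SET name='". mediadir_sql($_GET["rename_dir"]) ."' WHERE id='". mediadir_sql($_GET["rename_dir_id"]) ."' and presence='". mediadir_sql($row_act->presence) ."'");
	}

	if (!empty($_GET["create_dir"]) && getright("content_dir_add")) {
		$dir_exists=mysql_query("SELECT id FROM ". $GLOBALS["db_pref"] ."media_dirs WHERE name='". mediadir_sql($_GET["create_dir"]) ."' and presence='". mediadir_sql($row_act->presence) ."'");
		if (mysql_num_rows($dir_exists)==0) {
			mysql_query("INSERT INTO ". $GLOBALS["db_pref"] ."media_dirs SET name='". mediadir_sql($_GET["create_dir"]) ."', presence='". mediadir_sql($row_act->presence) ."'");
		}
	}
	echo "<"."?xml version=\"1.0\"?".">";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de">
  <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    <title>Administration</title>
    <link media="screen" rel="stylesheet" href="css/style.css" type="text/css" />
    <script src="js/scripts.js" type="text/javascript"></script>
  </head>

  <body id="edit">
    <p id="pageheadline">INHALT DES VERZEICHNISSES: &quot;<?php echo mediadir_html($row_act->name); ?>&quot;</p>
    <?php
    if($row_act->id==0) {
    	// Root of a presence: list its directories.
    ?>
	<a href="javascript:asknewdir(<?php echo mediadir_js($self ."?&dir=". rawurlencode((string) $_GET["dir"]) ."&pres=". rawurlencode((string) $row_act->presence)); ?>)" class="small">Verzeichnis erstellen</a>
	<?php
    	$subdirs=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."media_dirs WHERE presence='". mediadir_sql($row_act->presence) ."'");
    	if (mysql_num_rows($subdirs)>0) {
    		// Looked up once so the header and the row cells always agree; the
    		// actions themselves are checked again on the server side above.
    		$can_rename=getright("content_dir_rename");
    		$can_delete=getright("content_dir_delete");
    		$base_url=$self ."?dir=". rawurlencode((string) $row_act->id) ."&pres=". rawurlencode((string) $row_act->presence);
    		?>
    		<p id="pageheadline">Verzeichnisse</p>
    		<table style="padding:0px; margin:0px;border:0px;" cellspacing="0" cellpadding="0">
          		<tr>
          			<th width="300" align="left">Verzeichnisname</th>
          			<?php if ($can_rename) { ?>
          				<th width="50" align="center">Umbenennen</th>
          			<?php } ?>
          			<?php if ($can_delete) { ?>
          				<th width="50" align="center">L&ouml;schen</th>
          			<?php } ?>
          		</tr>
    			<?php
    				while($row_subdirs=mysql_fetch_object($subdirs)) {
    					$subdir_id=rawurlencode((string) $row_subdirs->id);
    					?>
    					<tr>
    						<td style="padding:0px;padding-left:7px;margin:0px;border:0px;"><a href="<?php echo mediadir_html($self ."?dir=". $subdir_id); ?>"><?php echo mediadir_html($row_subdirs->name); ?></a></td>
    						<?php if ($can_rename) { ?>
    						<td style="text-align:center;"><a href="javascript:askrenamedir(<?php echo mediadir_js($base_url ."&rename_dir_id=". $subdir_id); ?>,<?php echo mediadir_js($row_subdirs->name); ?>)"><img src="images/edit.gif" style="border:0px;width:12px;height:16px;" /></a></td>
    						<?php } ?>
    						<?php if ($can_delete) { ?>
    						<td style="text-align:center;"><a href="javascript:askdelete(<?php echo mediadir_js($base_url ."&deldir=". $subdir_id); ?>)"><img src="images/delete_small.gif" style="border:0px;width:14px;height:14px;" /></a></td>
    						<?php } ?>
    					</tr>
    					<?php
    				}
    			?>
    		</table>
    		<?php
    	}
    } else {
    	// Inside a directory: show its files and the upload controls.
    	$domain=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."domains WHERE presence='". mediadir_sql($row_act->presence) ."'");
    	$domainname="";
    	if (mysql_num_rows($domain)>0) {
    		$row_dom=mysql_fetch_object($domain);
    		$domainname="http://". $row_dom->domainname;
    	}
    	$pics=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."media WHERE ofdir='". mediadir_sql($row_act->id) ."' order by orig_filename");
    	$dir_url=$self ."?dir=". rawurlencode((string) $row_act->id);
	?>
	<a href="<?php echo mediadir_html($dir_url); ?>" class="small">Neu laden</a>
	<table style="border: 0px; padding: 5px; margin: 0px;">
	  <tr>
	  	<?php
	  	for($i=0; $i<mysql_num_rows($pics); $i++) {
	  		$row_pic=mysql_fetch_object($pics);
	  		// Cut on character boundaries where possible so the label stays valid UTF-8.
	  		if (function_exists("mb_substr")) {
	  			$label=mb_substr($row_pic->orig_filename,0,20,"UTF-8");
	  		} else {
	  			$label=substr($row_pic->orig_filename,0,20);
	  		}
	  		?>
	  		<td align="center">
	  		  <?php show_thumb($row_pic->filename, $row_pic->type, $domainname, $row_pic->orig_filename); ?><br />
	  		  <?php echo "<a href=\"javascript:askdelete(". mediadir_js($dir_url ."&delimage=". rawurlencode((string) $row_pic->id)) .")\">". mediadir_html($label) ."</a>"; ?>
	  		</td>
	  		<?php
	  		// Four thumbnails per table row.
	  		if ($i%4==3) {
	  			?></tr><tr><?php
	  		}
	  	}
	  	?>
	  </tr>
	</table>
	<br />
    <applet 
		code="JUpload.startup"
		archive="./jupload.jar"
		width="500"
		height="300"
		mayscript="mayscript"
		name="JUpload"
		alt="JUpload by www.jupload.biz">

		<!-- Java Plug-In Options -->
		<param name="progressbar" value="true">
		<param name="removeBorders" value="false">
		<param name="boxmessage" value="Loading JUpload Applet ...">

		<!-- Target links -->
		<param name="actionURL" value="<?php echo mediadir_html($dir_url); ?>">

		<!-- <param name="maxTotalRequestSize" value="4"> -->

		<!-- IF YOU HAVE PROBLEMS, CHANGE THIS TO TRUE BEFORE CONTACTING SUPPORT -->
		
		<param name="debug" value="true">

	  Your browser does not support applets. Or you have disabled applet in your options.
	  To use this applet, please install the newest version of Suns java. You can get it from <a href="http://www.java.com/">java.com</a>
	</applet>
	
	<form action="<?php echo mediadir_html($dir_url); ?>" method="POST" enctype="multipart/form-data">
	<input type="file" name="datei" /> <input type="submit" />
	</form>
	<?php
    }
	?>
  </body>
</html>
<?php
}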

/**
 * Generate an id that is not yet used in the given table.
 *
 * Candidates are md5 hashes of uniqid(rand()); a candidate is discarded and a
 * new one drawn for as long as the table already holds a row with that id.
 * The table name is concatenated into the query as-is, so callers must pass a
 * trusted table name only.
 *
 * NOTE(review): uniqid() and rand() are not cryptographic sources, so the
 * result is unique but should not be relied on as an unguessable secret.
 *
 * @param string $table full table name, including the prefix
 * @return string 32-character hexadecimal id
 */
function create_uniqid($table) {
	do {
		$candidate=md5(uniqid(rand()));
		$taken=mysql_query("SELECT id FROM ". $table ." WHERE id='". $candidate ."'");
	} while (mysql_num_rows($taken)>0);

	return $candidate;
}

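/**
 * Create a 110x110 thumbnail for a stored JPEG, GIF or PNG file.
 *
 * Runs the ImageMagick command configured in $GLOBALS["imagemagick"]["command"]
 * on <media dir>/<filename> and writes the result to
 * <media dir>/thumbs/<filename>. Other types are ignored.
 *
 * Both paths are passed through escapeshellarg() because the file name
 * contains an extension that originally came from the uploading client; without
 * quoting, shell metacharacters in it would be interpreted by the shell. The
 * configured command itself is trusted configuration and is used unchanged.
 *
 * NOTE(review): $type is the MIME type reported by the client, not one
 * detected from the file content; confirm whether callers validate it.
 *
 * @param string $filename stored file name inside the media directory
 * @param string $type     MIME type recorded for the file
 * @return void
 */
function createthumb($filename, $type) {
	if($type=="image/jpeg" || $type=="image/gif" || $type=="image/png") {
		$dir=realpath("../html/media") ."/";
		$source=escapeshellarg($dir . $filename);
		$target=escapeshellarg($dir ."thumbs/". $filename);
		system($GLOBALS["imagemagick"]["command"] ." ". $source ." -thumbnail \"100x100>\" -bordercolor white -border 55 -gravity center -crop 110x110+0+0 +repage -bordercolor black  -border 1 ". $target);
	}
}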

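/**
 * Print a linked preview image for one media file.
 *
 * JPEG, GIF and PNG files show their generated thumbnail; PDF and Word files
 * show a fixed icon, everything else a generic icon. The link always points
 * to the stored file below <domainname>/media/.
 *
 * The file name, the domain name and the original file name come from the
 * database and ultimately from an uploader, so every value is HTML-escaped
 * before it is written into an attribute.
 *
 * @param string $filename     stored file name
 * @param string $type         MIME type recorded for the file
 * @param string $domainname   URL prefix of the presence, may be empty
 * @param string $origfilename name of the file as uploaded, used as alt text
 * @return void
 */
function show_thumb($filename, $type, $domainname, $origfilename) {
	$flags=ENT_QUOTES;
	// Without ENT_SUBSTITUTE a single invalid UTF-8 byte empties the whole value.
	if (defined("ENT_SUBSTITUTE")) {
		$flags=$flags | ENT_SUBSTITUTE;
	}

	if($type==="image/jpeg" || $type==="image/gif" || $type==="image/png") {
		$file=$domainname ."/media/thumbs/". $filename;
	} elseif ($type==="application/pdf") {
		$file="images/pdficon.jpg";
	} elseif ($type==="application/msword") {
		$file="images/wordicon.jpg";
	} else {
		$file="images/othericon.jpg";
	}

	$href=htmlspecialchars($domainname ."/media/". $filename, $flags, "UTF-8");
	$src=htmlspecialchars($file, $flags, "UTF-8");
	$alt=htmlspecialchars((string) $origfilename, $flags, "UTF-8");
	echo "<a href=\"". $href ."\" target=\"_blank\"><img src=\"". $src ."\" width=\"110\" height=\"110\" alt=\"". $alt ."\" border=\"0\" /></a>";
}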
?>